Marc Schoenefeld discovered an improper input sanitization in Pango, a libraryfor layout and rendering of text, leading to array indexing error.If a local user was tricked into loading a specially-crafted font file in anapplication, using the Pango font rendering library, it could lead to denialof service (application crash).

For the stable distribution (lenny), this problem has been fixed inversion 1.20.5-5+lenny1.

For the testing distribution (squeeze), and the unstable distribution (sid),this problem will be fixed soon.

We recommend that you upgrade your pango1.0 package.

Upgrade instructions- --------------------

wget url will fetch the file for youdpkg -i file.deb will install the referenced file.

If you are using the apt-get package manager, use the line forsources.list as given below: